It seems like a long time ago now that various malware attacks
have changed the security landscape at the operational level and
have exposed vulnerabilities in the automation architecture.
However, as we move towards Smart Manufacturing to improve efficiency,
to improve productivity and delivery reliability using the
principles of Industry 4.0 and the Industrial Internet of Things (IIoT),
the topic of cybersecurity is arguably even more important.
Smart Manufacturing depends on the merging of
the IT and OT layers of a company and when applied to an existing
factory, it would be reasonable to assume that the potential for
cyber attacks, if nothing is done about this, will be significant.
If we were to design a new factory, it would be relatively
be easy to build these while taking into account all current
cyber security issues and vulnerabilities. The reality is that most
factories have been around for a long time and most of them
automation considerations are focused on productivity and not on
cyber security. In this existing industrial landscape, it was realized
that operating systems were potentially vulnerable, often as a result of
outdated or poorly maintained operating systems and CD drives or USB ports
that were not locked.
Cybersecurity is an arms race of escalating
capabilities, so 'defenders' of vulnerable assets should view it as a
journey rather than a destination, requiring them to constantly reassess the situation
assess and implement new defenses when necessary. This
all in a trend of ever-expanding systems, which must be open and
control increasingly complex systems.
To be successful, the defense strategy must be against
cyber attacks are viewed as a whole and at all levels of the
enterprise take place. This must start at the factory level and manufacturers
of automation equipment should consider whether they want to build in security
as a natural part of the design process.
PLCs (programmable logic controllers) must
for example, contain multiple built-in features, such as
hardware security keys and multi-layer password structures.
The use of hardware verification of the
security key prevents programs from being opened or edited on
unapproved PCs that are not "bound" to the
security key. PLC CPUs can also be linked to the security key
and programs cannot run unless this hardware agreement is
exists. This also has the advantage that the intellectual property of the
control system is protected. In addition, IP filtering should be used to
to record the IP addresses of devices approved for access
to any PLC or HMI (Human Machine Interface). This allows unauthorized
access much more difficult.
While end users want maximum security; they will
also continue to insist on simple operation. Some of these
automation security measures, all of which are optional, would
can make it more complicated and therefore the entire security must be considered,
taking into account all aspects of the operation. It may be that in some
areas, some measures can be relaxed for the benefit of the
continuation of business operations and that is fine as long as the risk is
estimated and countermeasures are taken elsewhere to contain the threat
reduce. As with everything related to cybersecurity, the
considerations are “how likely is it” and “what is the risk”! Security
and operational systems must be designed around these key criteria
designed.
There will always be people who for whatever reason
also seek unauthorized access to control systems. Therefore,
manufacturers and control engineers incorporate safety measures into their products and
build systems in and recognize that these are overcome obstacles rather than
of insurmountable obstacles, and therefore must be constantly renewed and redeveloped.
We know from experience that the control software is the latest
link is in the construction of a machine or process and that there are always enormous
interests play a role in making the machine produce as quickly as possible. Furthermore
cybersecurity is like buying a safe or making a backup. You don't know until
what a mess it can cause when it's too late!
Make sure you stay one step ahead and think about your security,
There are already many options built into the PLC/HMI!
